Date: Fri, 23 Mar 2001 08:32:50 +0700 (ICT) From: Olivier Nicole <on@cs.ait.ac.th> Cc: freebsd-security@FreeBSD.ORG Subject: Re: DoS attack - advice needed Message-ID: <200103230132.IAA07082@banyan.cs.ait.ac.th> In-Reply-To: <BIEHKEFNHFMMJEKCDMLNAELOCGAA.oldfart@gtonet.net> References: <BIEHKEFNHFMMJEKCDMLNAELOCGAA.oldfart@gtonet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>I filter ICMP, at my router, too. I only allow incomming ICMP from source >ports 0, 3 & 11 and I allow all outgoing ICMP. I just do it to help security >not as a stop-gap measure. To get back on the original poster's questions, Why not filtering the same outgoing ports as the incoming ones? That would help the global Internet security/performance, by making sure no attack can be launched from your network. As about why ICMP is needed, basics tools used by network people are based on ICMP. As long as you are connected to only one provider, that is OK, but if not, then you DO need traceroute... If only to know where your packets are going and if they are going in the right direction. Olivier To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103230132.IAA07082>